Bitcoin Forum
December 11, 2016, 08:04:15 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 »  All
  Print  
Author Topic: Guy on twitter claims he is working on hash method without brute force.  (Read 8093 times)
jimbobway
Legendary
*
Offline Offline

Activity: 1380



View Profile
May 30, 2011, 04:58:10 PM
 #1

"So i've been working on a method for calculating valid hashes without doing a lame bruteforce"
"If my method works, i'll be able to generate 50BTC every few seconds but i'll lower it a bit to avoid arousing suspicion"

Ummm, satoshi?

http://twitter.com/#!/garethnelson

░░░░░░░░░██████░░░░░░░░░░░░▄▄▄
░░███░░██████░░░░░▄▄▄▄▄░░██
░░███░░█████████████
░░░░░░░░██████▀▀██████████
░░░░░░░░██████░░░░░██████████
░░░░░░▄▄▄▄▄▄░░░▄▄▄░░░░███████
░░░░░██████░░░███░░░░███████
░░░░░██████░░░███
░░░░░███████▄▄▄▄▄████████
░░░░░████████████████████
░░▄▄▄▄▄░░█████░░░░█████████
█████░░█████░░░░█████████
█████░░░░░░░░░░░░█████████
█████░░░░░░░░░░░░░█████████

START GETTING PAID FOR YOUR ATTENTION!
███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
JUSTICE IN THE WORLD OF ONLINE ADVERTISING!

BUY MASS COIN 】【 ICO PROSPECTUS
VISIT OUR WEBSITE
TWITTER 】【 FACEBOOK 】【 TELEGRAM

1481443455
Hero Member
*
Offline Offline

Posts: 1481443455

View Profile Personal Message (Offline)

Ignore
1481443455
Reply with quote  #2

1481443455
Report to moderator
1481443455
Hero Member
*
Offline Offline

Posts: 1481443455

View Profile Personal Message (Offline)

Ignore
1481443455
Reply with quote  #2

1481443455
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
jimbobway
Legendary
*
Offline Offline

Activity: 1380



View Profile
May 30, 2011, 05:00:02 PM
 #2


garethnelson Gareth Nelson
@
@lemonzest2008 my new approach is going to take lots of fucking about with the maths before I write the actual miner itself
4 minutes ago

garethnelson Gareth Nelson
@
@lemonzest2008 the one on the AFF site is just a mod of a standard miner - there's source available at aspiesforfreedom.com/mining/src
4 minutes ago

garethnelson Gareth Nelson
@
@lemonzest2008 nowhere near complete yet, unless you mean the boring standard one on the AFF site
5 minutes ago


garethnelson Gareth Nelson
@
@lemonzest2008 the bitcoin client? run bitcoind, but note it's a bit slow at generating if that's what you're after
12 minutes ago

garethnelson Gareth Nelson
@
@ZauberExonar great - how's your digital circuit design? in particular, boolean expression simplification for FPGAs
14 minutes ago

garethnelson Gareth Nelson
@
@LozKaye who on earth asked for that?
14 minutes ago

garethnelson Gareth Nelson
If I generate one block a day, at current exchange rates that'd be $11200USD/month - anyone want to help out for a cut?
21 minutes ago

garethnelson Gareth Nelson
@
@FabinetPM you don't know? :O
22 minutes ago

garethnelson Gareth Nelson
I then don't even have to bruteforce - just pick any of the remaining branches at random, then "..." and then "profit" #bitcoin #win
24 minutes ago

garethnelson Gareth Nelson
I eliminate the branches that lead to bits outside of the nonce changing in the input, then i'm left with a fixed set of branches
25 minutes ago
»

garethnelson Gareth Nelson
For NOT gates for example, it's easy - if you want a 0 out, you put a 1 in - for an XOR there's 2 possible inputs that lead to a 1
26 minutes ago

garethnelson Gareth Nelson
Then I can calculate the fixed inputs for each gate that will satisfy the output such that it's got the right number of 0s
27 minutes ago

garethnelson Gareth Nelson
The output is a wildcard prefix and a bunch of 0s at fixed length - I run backwards from the wildcard bits up through the boolean network
27 minutes ago

garethnelson Gareth Nelson
Doing the maths, a circuit with about 6000 logic gates can do SHA256, and 2000 odd of them are OR gates with multiple possible inputs
29 minutes ago

garethnelson Gareth Nelson
If my method works, i'll be able to generate 50BTC every few seconds but i'll lower it a bit to avoid arousing suspicion #bitcoin
30 minutes ago

garethnelson Gareth Nelson
So i've been working on a method for calculating valid hashes without doing a lame bruteforce

░░░░░░░░░██████░░░░░░░░░░░░▄▄▄
░░███░░██████░░░░░▄▄▄▄▄░░██
░░███░░█████████████
░░░░░░░░██████▀▀██████████
░░░░░░░░██████░░░░░██████████
░░░░░░▄▄▄▄▄▄░░░▄▄▄░░░░███████
░░░░░██████░░░███░░░░███████
░░░░░██████░░░███
░░░░░███████▄▄▄▄▄████████
░░░░░████████████████████
░░▄▄▄▄▄░░█████░░░░█████████
█████░░█████░░░░█████████
█████░░░░░░░░░░░░█████████
█████░░░░░░░░░░░░░█████████

START GETTING PAID FOR YOUR ATTENTION!
███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████
JUSTICE IN THE WORLD OF ONLINE ADVERTISING!

BUY MASS COIN 】【 ICO PROSPECTUS
VISIT OUR WEBSITE
TWITTER 】【 FACEBOOK 】【 TELEGRAM

Quantumplation
Member
**
Offline Offline

Activity: 84


View Profile
May 30, 2011, 05:01:49 PM
 #3

If he succeeds, bitcoin compromization will be the least of our worries.  SHA256 has stood up to mathematical analysis for many years, not just from the bitcoin community but from the entire world.

Against my better judgement... 1ADjszXMSRuAUjyy3ShFRy54SyRVrNDgDc
proudhon
Legendary
*
Offline Offline

Activity: 1148



View Profile
May 30, 2011, 05:04:37 PM
 #4

bitcoinfail.  Oh well, I guess I'll just start playing Crysis 2 now.
eturnerx
Member
**
Offline Offline

Activity: 70


View Profile WWW
May 30, 2011, 05:09:04 PM
 #5

If he succeeds, bitcoin compromization will be the least of our worries.  SHA256 has stood up to mathematical analysis for many years, not just from the bitcoin community but from the entire world.
^this. Good luck to the guy. Many have tried - and there's so much other security infrastructure that uses SHA256 that we Bitcoin is the least of our worries. Besides, bitcoin'd just move to some other hashing algorithm.

WatchMine - get Bitcoin prices and pool stats on your Mobile
Quantumplation
Member
**
Offline Offline

Activity: 84


View Profile
May 30, 2011, 05:10:28 PM
 #6

Looking at how he "thinks" his solution will work, He doesn't understand the concept of destructive operations.  Think of it this way: The simplest hash function is %2.  Basically, given any input, find the remainder after you divide by 2.  It simplifies things down to a keyspace of 1 bit, and obviously there's lots of collisions.  However, given that information, there's no way to go backwards to the original number.  If I say the "hash" is 1, it could be 1, 3, 5, 7, 9, etc.

SHA256 has the following destructive operations:
6x non-carrying addition
Shift right
I believe the combination of ANDs and XORs ends up being destructive.

That's just in one iteration, and there are 64 iterations per hash.

Against my better judgement... 1ADjszXMSRuAUjyy3ShFRy54SyRVrNDgDc
Insti
Sr. Member
****
Offline Offline

Activity: 294


Firstbits: 1duzy


View Profile
May 30, 2011, 05:14:23 PM
 #7

+1 on what Quantumplation said.
Quantumplation
Member
**
Offline Offline

Activity: 84


View Profile
May 30, 2011, 05:17:12 PM
 #8

Quote
Aspie, hacker, part-time CompSci+Psychology OU student, pirate party member, AI geek, Assassins Creed fanatic, pseudo-transhumanist

Ultimately, it looks like he's some young hotshot who thinks he understands everything, considers himself a "hacker", and thinks he can best the worlds top mathematicians because he's 2 years into an associates degree at a shitty college.  I am dissapoint.

Against my better judgement... 1ADjszXMSRuAUjyy3ShFRy54SyRVrNDgDc
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526


View Profile
May 30, 2011, 05:26:47 PM
 #9

For what it's worth I talked to one of the authors behind the current best result against SHA256. They didn't think a failure of SHA256 as it's used in Bitcoin was likely any time soon. The best results from academia produce a random bitstring as the pre-image and only work against a reduced strength version of the algorithm.
John Tobey
Hero Member
*****
Offline Offline

Activity: 481



View Profile WWW
May 30, 2011, 05:31:04 PM
 #10

For what it's worth I talked to one of the authors behind the current best result against SHA256. They didn't think a failure of SHA256 as it's used in Bitcoin was likely any time soon. The best results from academia produce a random bitstring as the pre-image and only work against a reduced strength version of the algorithm.

I thought he was designing a miner.  Why would he need a pre-image for that?  All he needs is a partial collision with zero.

Can a change to the best-chain criteria protect against 51% to 90+% attacks without a hard fork?
proudhon
Legendary
*
Offline Offline

Activity: 1148



View Profile
May 30, 2011, 05:44:51 PM
 #11

Looking at how he "thinks" his solution will work, He doesn't understand the concept of destructive operations.  Think of it this way: The simplest hash function is %2.  Basically, given any input, find the remainder after you divide by 2.  It simplifies things down to a keyspace of 1 bit, and obviously there's lots of collisions.  However, given that information, there's no way to go backwards to the original number.  If I say the "hash" is 1, it could be 1, 3, 5, 7, 9, etc.

SHA256 has the following destructive operations:
6x non-carrying addition
Shift right
I believe the combination of ANDs and XORs ends up being destructive.

That's just in one iteration, and there are 64 iterations per hash.

Oh, wait, so is it safe to go back to mining?
Quantumplation
Member
**
Offline Offline

Activity: 84


View Profile
May 30, 2011, 05:49:24 PM
 #12

Oh, wait, so is it safe to go back to mining?

Er... No... bitcoin is dead, but i'll buy all your bitcoins for $1 each.

Against my better judgement... 1ADjszXMSRuAUjyy3ShFRy54SyRVrNDgDc
Dobrodav
Full Member
***
Offline Offline

Activity: 140


View Profile
May 30, 2011, 05:53:31 PM
 #13

We was lazy disscussed that approuch to breack down the BTC prices (to buy them cheap) on russian local, month ago, and come to conclusion, that there is always be some nerd with numbers in hand, that will destroy that idea, - therefore we refuse it.

proof - http://forum.bitcoin.org/index.php?topic=4128.0

We will  meet in not-so-distant future.
Today`s strange music :
http://www.youtube.com/watch?v=V8mCgjbBPMk
Yesterday`s  strange music:
http://www.youtube.com/watch?v=-uCTyC1FGLw
Mike Hearn
Legendary
*
Offline Offline

Activity: 1526


View Profile
May 30, 2011, 06:18:55 PM
 #14

I thought he was designing a miner.  Why would he need a pre-image for that?  All he needs is a partial collision with zero.

The input is a block header, the contents of which are not flexible. Only the nonce is.
John Tobey
Hero Member
*****
Offline Offline

Activity: 481



View Profile WWW
May 30, 2011, 06:28:52 PM
 #15

I thought he was designing a miner.  Why would he need a pre-image for that?  All he needs is a partial collision with zero.

The input is a block header, the contents of which are not flexible. Only the nonce is.

Ah, of course.

If I'm not mistaken, most effort has gone into "single" SHA256, and though the composition of SHA256 operations would seem harder to crack, one never knows.

Not that I think the Twitter guy is likely to succeed, but in general I see too little attention placed on the strength of Bitcoin's cryptography and too many explanations that fail to mention its theoretical vulnerability.  Or citations in support of its strength, for that matter.

Can a change to the best-chain criteria protect against 51% to 90+% attacks without a hard fork?
Quantumplation
Member
**
Offline Offline

Activity: 84


View Profile
May 30, 2011, 06:34:41 PM
 #16


Ah, of course.

If I'm not mistaken, most effort has gone into "single" SHA256, and though the composition of SHA256 operations would seem harder to crack, one never knows.

Not that I think the Twitter guy is likely to succeed, but in general I see too little attention placed on the strength of Bitcoin's cryptography and too many explanations that fail to mention its theoretical vulnerability.  Or citations in support of its strength, for that matter.


http://en.wikipedia.org/wiki/SHA-2#Cryptanalysis_and_validation

SHA256 isn't JUST used in bitcoin.  It's used in SSL, in banks all over the world, wireless encryption, cellphone encryption, encryption/verification for thousands of open source projects, etc.  If you need a citation for it's strength, it's been used for 10 years in all these fields without any likely attack vector found.

Against my better judgement... 1ADjszXMSRuAUjyy3ShFRy54SyRVrNDgDc
John Tobey
Hero Member
*****
Offline Offline

Activity: 481



View Profile WWW
May 30, 2011, 06:54:23 PM
 #17

If I'm not mistaken, most effort has gone into "single" SHA256, and though the composition of SHA256 operations would seem harder to crack, one never knows.

http://en.wikipedia.org/wiki/SHA-2#Cryptanalysis_and_validation

SHA256 isn't JUST used in bitcoin.  It's used in SSL, in banks all over the world, wireless encryption, cellphone encryption, encryption/verification for thousands of open source projects, etc.  If you need a citation for it's strength, it's been used for 10 years in all these fields without any likely attack vector found.

I'm aware, thank you for spreading the word.

ROT-13 is harder to crack than ROT-13(ROT-13).  Has anyone proven the same is not true of SHA256?  I will be very surprised...

Can a change to the best-chain criteria protect against 51% to 90+% attacks without a hard fork?
unk
Member
**
Offline Offline

Activity: 84


View Profile
May 30, 2011, 06:59:07 PM
 #18

relatively little research has been done on the subproblem of sha256 compromise on which bitcoin's security depends. it is not the same problem as one-to-one collisions (i.e., an outright compromise of the function). in the general case, it cannot be determined whether finding a result that corresponds to a pattern that matches x out of 2^256 hashes is indeed no more than x times easier than forcing a one-to-one collision. there are reasons to think that in bitcoin's particular case, it is just about that easy and thus that bitcoin's use of sha256 in mining is secure - but to my knowledge that hasn't been proven.

update for john: for technical reasons, i'm less concerned about that feature of bitcoin's use of sha256. the problem isn't necessarily the same for cyphers as for hashes. as for the former, as potentially interesting background reading (though not necessarily relevant here), see the excellent classic article by maurer called something like 'the importance of being first' in the journal of cryptology.
FooDSt4mP
Full Member
***
Offline Offline

Activity: 182


View Profile
May 30, 2011, 07:54:51 PM
 #19

If I'm not mistaken, most effort has gone into "single" SHA256, and though the composition of SHA256 operations would seem harder to crack, one never knows.

http://en.wikipedia.org/wiki/SHA-2#Cryptanalysis_and_validation

SHA256 isn't JUST used in bitcoin.  It's used in SSL, in banks all over the world, wireless encryption, cellphone encryption, encryption/verification for thousands of open source projects, etc.  If you need a citation for it's strength, it's been used for 10 years in all these fields without any likely attack vector found.

I'm aware, thank you for spreading the word.

ROT-13 is harder to crack than ROT-13(ROT-13).  Has anyone proven the same is not true of SHA256?  I will be very surprised...


ROT-13 is nondestructive.  Very different from SHA-256.

As we slide down the banister of life, this is just another splinter in our ass.
sandos
Member
**
Offline Offline

Activity: 106


View Profile
May 30, 2011, 07:59:23 PM
 #20

I had this idea about not removing brute-forcing but optimizing the algorithm since not all output bits are needed, so we backtrack and remove all superfluous calculations. But if its 64 rounds per hash and two hashes, I think the gain would be extremely small. And also maybe this optimization has already been done?
Pages: [1] 2 3 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!